-
-
Notifications
You must be signed in to change notification settings - Fork 19
134 lines (116 loc) · 4.68 KB
/
desktop-macos-release.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
name: Desktop MacOS Release
on:
push:
tags:
- '*-desktop'
jobs:
deploy:
runs-on: macos-latest
timeout-minutes: 40
permissions:
contents: write
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: set up JDK
uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: 18
- uses: gradle/[email protected]
with:
gradle-home-cache-cleanup: true
cache-read-only: false
- name: Import signing certificate into keychain
run: |
KEYCHAIN_FILE=default.keychain
security create-keychain -p $KEYCHAIN_PASSWORD_MACOS $KEYCHAIN_FILE
security default-keychain -s $KEYCHAIN_FILE
security unlock-keychain -p $KEYCHAIN_PASSWORD_MACOS $KEYCHAIN_FILE
security import <(echo $SIGNING_CERTIFICATE_P12_DATA | base64 --decode) \
-f pkcs12 \
-k $KEYCHAIN_FILE \
-P $SIGNING_CERTIFICATE_PASSWORD \
-T /usr/bin/codesign
security set-key-partition-list -S apple-tool:,apple: -s -k $KEYCHAIN_PASSWORD_MACOS $KEYCHAIN_FILE
env:
SIGNING_CERTIFICATE_P12_DATA: ${{ secrets.SIGNING_CERTIFICATE_P12_DATA_MACOS }}
SIGNING_CERTIFICATE_PASSWORD: ${{ secrets.SIGNING_CERTIFICATE_PASSWORD_MACOS }}
KEYCHAIN_PASSWORD_MACOS: ${{ secrets.KEYCHAIN_PASSWORD_MACOS }}
- name: Run Checks
run: ./gradlew detekt desktopTest jvmTest
- name: Upload reports
if: failure()
uses: actions/upload-artifact@v3
with:
name: build-reports
path: |
**/build/reports/*
- name: Update Licenses file
run: ./gradlew desktopApp:exportLibraryDefinitions -PaboutLibraries.exportPath=src/main/resources/
- name: Create path variables
id: path_variables
run: |
tag=$(git describe --tags --abbrev=0 --match "*-desktop")
version=$(echo "$tag" | sed 's/-desktop$//')
name="FeedFlow-${version}.dmg"
path="desktopApp/build/release/main-release/dmg/${name}"
echo "TAG=$tag" >> $GITHUB_OUTPUT
echo "VERSION=$version" >> $GITHUB_OUTPUT
echo "RELEASE_PATH=$path" >> $GITHUB_OUTPUT
- name: Create Properties file
run: |
echo "is_release=true" >> desktopApp/src/jvmMain/resources/props.properties
echo "sentry_dns=$SENTRY_DNS" >> desktopApp/src/jvmMain/resources/props.properties
echo "version=$VERSION" >> desktopApp/src/jvmMain/resources/props.properties
env:
SENTRY_DNS: ${{ secrets.SENTRY_DNS }}
VERSION: ${{ steps.path_variables.outputs.VERSION }}
- name: Create DMG
run: ./gradlew packageReleaseDmg
- name: Upload reports
if: failure()
uses: actions/upload-artifact@v3
with:
name: reports
path: |
**/build/compose/logs/*
- name: Notarization
run: |
xcrun notarytool submit $RELEASE_PATH --apple-id $APPLE_ID_NOTARIZATION --password $NOTARIZATION_PWD --team-id $APPSTORE_TEAM_ID --wait
xcrun stapler staple $RELEASE_PATH
env:
APPLE_ID_NOTARIZATION: ${{ secrets.APPLE_ID_NOTARIZATION }}
APPSTORE_TEAM_ID: ${{ secrets.APPSTORE_TEAM_ID }}
NOTARIZATION_PWD: ${{ secrets.NOTARIZATION_PWD }}
RELEASE_PATH: ${{ steps.path_variables.outputs.RELEASE_PATH }}
- name: Upload binaries to release
uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ steps.path_variables.outputs.RELEASE_PATH }}
tag: ${{ steps.path_variables.outputs.TAG }}
overwrite: true
body: "Release ${{ steps.path_variables.outputs.VERSION }}"
- name: Update website
run: |
file_path="website/data/hero.yml"
new_link="https://github.com/prof18/feed-flow/releases/download/$VERSION-desktop/FeedFlow-$VERSION.dmg"
awk -v new_link="$new_link" '/^button3Link:/ {print "button3Link: " new_link; next} 1' "$file_path" > tmpfile && mv tmpfile "$file_path"
env:
VERSION: ${{ steps.path_variables.outputs.VERSION }}
- name: Setup Hugo
uses: peaceiris/actions-hugo@v2
with:
hugo-version: '0.101.0'
extended: true
- name: Build
run: |
cd website
HUGO_ENV=production hugo --gc --minify
- name: Deploy
uses: peaceiris/actions-gh-pages@v3
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
publish_dir: website/public